Android Java and Native Code Security Training

  • Learn via: Classroom / Virtual Classroom / Online
  • Duration: 4 Days
  • Download PDF
  • We can host this training at your preferred location. Contact us!

Android is an open platform for mobile devices such as handsets and tablets. It has a large variety of security features to make developing secure software easier; however, it is also missing certain security aspects that are present in other hand-held platforms. The course gives a comprehensive overview of these features, and points out the most critical shortcomings to be aware of related to the underlying Linux, the file system and the environment in general, as well as regarding using permissions and other Android software development components.

Typical security pitfalls and vulnerabilities are described both for native code and Java applications, along with recommendations and best practices to avoid and mitigate them. In case of native code applications we go into more details, discussing memory management related issues, protection techniques as well as their circumvention (such as Return Oriented Programming). Finally, the most important cryptographic algorithms in symmetric cryptography, hashing, asymmetric cryptography and PKI are also discussed and put into the context of Android.

In many cases discussed issues are supported with real-life examples and case studies. Finally, we give a brief overview on how to use security testing tools to reveal any programming bugs.

There are no prerequisites for this course.

Android application developers, architects and testers. 

  • Understand basic concepts of security, IT security and secure coding
  • Learn the security solutions on Android
  • Have a practical understanding of cryptography
  • Learn to use various security features of the Android platform
  • Learn about denial of service attacks and protections
  • Get information about some recent vulnerabilities in Java on Android
  • Learn about typical coding mistakes and how to avoid them
  • Get understanding on native code vulnerabilities on Android
  • Realize the severe consequences of unsecure buffer handling in native code
  • Understand the architectural protection techniques and their weaknesses
  • Get practical knowledge in using security testing tools for Android
  • Get sources and further readings on secure coding practices

  • IT security and secure coding
  • Android security overview
  • Practical cryptography
  • Android application security
  • Protecting Android applications
  • Denial of service
  • Input validation
  • Android native code security
  • Improper use of security features
  • Improper error and exception handling
  • Information leakage through error reporting
  • Code quality problems
  • Testing Android code
  • Principles of security and secure coding
  • Knowledge sources

Contact us for more detail about our trainings and for all other enquiries!